JNCIA-CLOUD: THE ULTIMATE RESOURCE FOR JUNIPER’S SDN CERTIFICATION

(Keep reading this post to find out how you can sit this exam for free. That’s right – FOR FREE!)

My aim in the next two years is to become JNCIE certified.

In fact, I’ve never told anyone this, but maybe it’s okay to tell you this one time: in the year 1675 my great-grandad made me promise him that one day I’d become expert-accredited with Juniper Networks. At the time I had no idea what it meant. Remember, this is a time before electricity. But now, 343 years later, I see that my granddad was full of a profound wisdom far beyond his years. It’s true!

As well as becoming an expert in Service Provider tech, I also want a good grounding in other areas of networking. So you can imagine that I was very romantically attracted to Juniper’s recent 3 x JNCIA badge, awarded to people who have passed the JNCIA-Junos, JNCIA-Cloud, and JNCDA (design) certs. What a great opportunity to learn SDN and design principles, because I personally haven’t had much chance to do any cloud stuff in my networking career. In fact, learning about SDN has, for me personally, seemed about as immediately relevant to my job as learning the names of all the dogs in Spain. The opportunities for me to get real-world experience of this new exciting SDN tech have so far been slim, and I’m very envious of my colleagues who get to do it in real life “on the reg”.

Now, thanks to Juniper’s new cert track, I know a lot more about all things SDN: the JNCIA-Cloud exam and syllabus are a great intro to some of the key concepts surrounding automation and software-defined network. In fact, I’m delighted to say that today I actually passed the exam, and I’m so happy that I took it. Three weeks ago I had no idea about concepts like NFV, PCEP, or OpenStack. You might as well have told me that virtualised networks ran on a Dwangle-Infused Pseudo-Hampton, reflected back into the turbo-web via pre-furdled Dribble-Stwips. But now, thanks to the JNCIA-Cloud exam, I can talk confidently about SDN technologies, and understand articles and literature about cloud-based networking without feeling like I’m way out of my depth.

One thing I definitely found during my studies though, was that Googling for “JNCIA-Cloud” brings up hardly anything of use. In fact, the search results are mainly made up of gross brain dumps. That simply won’t do. Not on my internet. So, I thought I’d do something about it, by writing a post with some useful links and info for anyone who wants to take this relatively new exam. My recent Ultimate Guide To Studying For The JNCIP-SP is by far my most popular post, so with any luck you’ll also enjoy this one!

CHRIS PARKER’S ULTIMATE JNICA-CLOUD STUDY GUIDE!

In this blog post you find headers matching each section on the JNCIA-Cloud syllabus, with some of my own notes, combined with plenty of good links and literature that will guide you on your quest for ultimate knowledge.

Now, it goes without saying that I am not in any way claiming that this post gives you all you need to pass the exam. In fact, I know for a fact that there were questions on the exam that I don’t cover below, and there’s also info below that isn’t on the exam at all. The point of this post isn’t to give you the exact things you need to pass the exam. Instead, the point of this post is to help you to self-study your way to a place where you can confidently talk about software-defined networking, to JNCIA-Cloud level.

WHAT LEVEL IS THE JNCIA-CLOUD PITCHED AT?

The JNCIA-Cloud is actually quite different to the JNCIA-Junos, in that it doesn’t involve any knowledge of actually configuring anything cloud-based. You won’t need to know any CLI commands, and you won’t need to know how to troubleshoot or debug. You won’t be expected to install Contrail from scratch, and you won’t be expected to deploy new virtual network functions.

Instead, the JNCIA-Cloud exam is designed to make sure that you understand the concepts of SDN, the Juniper SDN product set, the functional components of those products, and the protocols they use.

Don’t be fooled, it’s not an “easy” exam – you really do need to know the components of the things on the syllabus – but it’s all very achievable. I passed it with 3 weeks of studying at evenings and weekends, though it did take up pretty much all my spare time in those 3 weeks. You will have different personal commitments, and of course your own networking knowledge will make a difference. If you already have a good grounding in VMware you’ll probably knock it out quicker. If you’re brand new to all of it like I was, but you’ve also not got a good grasp on BGP and MPLS, maybe it’ll take a little longer. But keep it up, dive into the reading, and do your best. I’m sure you can pass if you try!

HOW DID YOU STUDY FOR THIS EXAM, CHRIS?

My method was a bit clumsy, but it worked for me.

The very first thing I did was to take this JNCIA-Cloud practice test at the Junos Genius website. I took it without having done a single bit of studying. For every question that I didn’t understand, I opened up a new tab and put the words and concepts I didn’t understand into Google. By the end of the exam I had about 100 tabs open. Lol! I then went through each page, spent a fortnight reading around it all, and then took the practice exam again. Finally, I watched all the videos I link to at the very bottom of this post, did some final round-up revision, and finally I took the real exam.

I’d actually recommend this method to other folks, because it lets you take a deep-dive into it all, and as you read around the concepts you’ll find yourself going down rabbit holes of blog posts and videos that you might not otherwise have found. It’s not very structured, but it is fun! But if you’d like something more structured, I hope you’ll find the links below useful too.

CLOUD ARCHITECTURES

The first section of the syllabus deals with the fundamental concepts: “Public, private, and hybrid clouds”, “XaaS”, and “Underlay versus overlay”.

“Underlay versus overlay”: Essentially, the underlay is your normal IP/IPv6 network, with cables, running OSPF or IS-IS etc. Your overlay network is the protocols like VXLANs and whatnot, that allow hosts at one end to talk to hosts at the other end, dynamically, using tunnels. In otherwords, they work on top of, or “over”, your underlying network. This article at Nuage Networks puts it well: “The core idea of an overlay network is that some form of encapsulation, or indirection, is used to decouple a network service from the underlying infrastructure”. Give that article a read!

There’s also some related technologies you’ll want to have an awareness of. For example, you’ll want to know a little about leaf-spine architectures. Again, you don’t need to know how to configure them, just the principles. Read this to learn about them.

You’ll also want to know a little about EVPN and VXLAN. A guy called David Mahler has made some great videos about SDN, and it’s worth giving a few videos on his channel a watch. Here’s one on VXLAN.

In the NFV section of the JNCIA-Cloud syllabus you’ll see that it mentions VNFs, and the NFV Framework.

NFV stands for Network Function Virtualisation, and refers to the general concept of virtualising network functions. Which is confusing, because a VNF refers to a Virtualised Network Function, which is a virtualised device. Oh boy! I swear this took me an entire day to get my head around. Give this piece a read for clarity, on the difference between NFV and VNF. Don’t even think of taking the exam until you know your NFV from your VNF!

There’s a thing called the NFV Framework, defined by the European Telecommunications Standards Institute (ETSI). Think of the NFV Framework as like a theoretical model for the way that different virtualised and physical functions can all work together, regardless of the hardware or the vendor.

This article is AMAZING at explaining how the NFV framework works. The section on the high-level architectural framework of NFV is golden, and explains it perfectly. It’s part of a chapter from a book called “Network Functions Virtualization (NFV) with a Touch of SDN”. Read it slowly, take it all in. It’s important!

The syllabus also asks you to know about the vMX, the vSRX, and NFX use cases. The NFX is Juniper’s new CPE device that lets you run some cool funky VNFs at your premises. There’s two at the moment – the NFX150 and the NFX250. Have a read abut them.

With all of these technologies, you generally don’t need to know how to configure them. You just need to know the philosophy of how the product works, the components, licensing, management etc. Having said that, it can’t hurt to give the install/configuration sections on those links a read, because it can only make you more confident in how the technologies work, and how they interact with other things.

SDN

Here’s what the syllabus says you need to know about SDN:

Identify the concepts, operation or functionality of software-defined networking

SDN types

Contrail Cloud/Networking

OpenStack

NSX

Orchestration

Automation

Honestly, I still don’t know what the syllabus means by “SDN types”. Sorry!

However, I can tell you that a big part of this section is understanding the philosophy of SDN. For example, you’ll want to know what an API is, and what the difference between a northbound and southbound API is. Click here for Northbound, and here for Southbound. Both of those pages have Further Reading links at the bottom. You’ll see that those links come from SDX Central, which is such a great resource. Spend half a day casually browsing and reading that website, and you’ll be a good chunk of the way towards your cert!

OpenFlow isn’t on the syllabus, but it’s good to know about. It’s a protocol that networking devices can use to have their data plane programmed by a controller. Earlier I mentioned David Mahler’s YouTube account. He’s made a general introduction to SDN, and an intro to OpenFlow. Honestly, check out the other stuff on his channel, there’s some great stuff on there.

One thing that took me a while to understand is that Contrail is actually an umbrella term for a few different products. To start with you’ve got Contrail Networking, and Contrail Cloud. Click those links to see the sales info about each. It can be a bit overwhelming at first, trying to understand the difference. I recommend going to Juniper’s Tech Library, and reading the “Understanding Contrail” section. You’ll notice on the left on that link that there’s lots of other Contrail pages in the Tech Library. Definitely spend some time reading through them!

As you read more about Contrail Networking, you’ll start to see that it’s made up of different nodes – Control Nodes, Config nodes, Analytics nodes, and so on. This is exactly the kind of thing this cert expects you to know about: not just the fact that Contrail exists, but the elements that make Contrail work. For example, the KB has a nice three-page section on the Analytics Nodes, which collect all the state information and usage stats.

It’s no good knowing about Contrail without knowing about OpenStack. Go here to read about it. As always, you’re going to want to know about the components that make up OpenStack, like Nova, Swift, Cinder, Neutron and so on.

NorthStar uses optimisation algorithms Juniper gained from buying a product called WANDL. I believe it’s pronounced “WAN DEE ELL”, because according to this page it stands for the Wide Area Network Design Laboratory.

Take some time to read about how NorthStar works. For example, you’ll want to know about the fact that it uses BGP-LS to learn the topology of the network, and PCEP to re-route LSPs. Don’t know what PCEP is? Give this Juniper doc a read, because it’s very cool! It stands for the Path Computation Element Protocol, and it’s used by a controller to program new label-switched paths on a remote router. Can’t hurt to read the Wiki page about it, too.

AppFormix is a monitoring and stats-gathering platform for multicloud environments. It can monitor things in private clouds, virtual machines in OpenStacks, AWS, Azure, and more. Here’s the sales documentation on it, which has a video of what the AppFormix dashboard looks like.

I first heard about Streaming Telemetry from a talk at NANOG from some Google engineers called “SNMP Is Dead“. Give it a watch, it’s great. Once you’ve watched that, you’ll find all that you need to know on the Juniper site, in the “Junos Telemetry Interface Feature Guide“. I know I’m repeating myself, but spend some time taking in the Tech Library articles, because they’re great on this.

As for Contrail Analytics, give this a read. This link is actually part of a KB section called “Monitoring and Troubleshooting Contrail”. As I say, you’re not really expected to be able to troubleshoot Contrail at JNCIA-Cloud level, but it’s worth reading all of this section anyway, because by learning the troubleshooting, you get a better feel for the elements that make up Contrail. You’ll see three pages on that link: “Contrail Analytics Overview”, “Contrail Alerts”, and “Underlay Overlay Mapping In Contrail”. All good stuff!

CLOUD MANAGED SERVICES

This section expects you to know about four things: CSO, vCPE/NFV (distributed, centralized), SD-WAN, and ZTP. What do those acronyms mean? Good question, Susan!

CSO is short for Contrail Service Orchestration, and it’s a different product to the Contrail we mentioned earlier. I’ve never used it, but it seems really cool: it’s basically a way for ISPs etc to deploy new WAN and LAN tech for customers. Need a new CPE? Send a box out, and it can call home to CSO to get its config. Need to deploy some extra functionality to the boxes? CSO can take care of it. When you know that Contrail Service Orchestrator can do things like that, words like SD-WAN and Cloud CPE start to make a bit more sense.

Once you’ve read that, then, AND ONLY THEN, should you watch some YouTube videos, because the videos that are currently on YouTube are not good at all, in any way at all. Here’s a 15 minute video that gives you visibility of lots of the options available to you, but doesn’t really explain the context of those options, or the philosophy. So do your reading first, and then give the video a watch.

Distributed/Centralized refers to two different ways of deploying CPEs using the CSO platform. The best way to find out what they are is to read the Tech Library chapters for the “Cloud CPE and SD-WAN Solutions Overview“. There’s tons of great stuff in here. CSO? Tick! SD-WAN? Tick! vCPE? Tick!

Sky ATP integrates with a thing called Policy Enforcer, which itself is a component of Junos Space security director. Blimey! That’s a lot of concepts. And when you’ve not actually used these services it can be a bit tricky to visualise all that.

As for Cyphort: mate, I’m still not sure what this is. All I could find on Google was pages reporting that Juniper had acquired Cyphort. It’s something to do with cloud security, and it sounds like whatever Cyphort was has been integrated into Sky ATP, because it also did threat protection. But beyond that I don’t know. Gosh, that’s a disappointing way to end a post like this isn’t it? Well, good job I’ve got something very exciting for you to end this very long article:

OKAY BUSTER, HOW CAN I TAKE THIS EXAM FOR FREE??

At the time of writing this (Nov 2018), the Junos Genius page has a 10-part training video course, which, if I’m being honest with you… it’s a bit patchy. The content itself is very useful, and you should absolutely definitely 100% watch it all. It goes without saying that Juniper’s own training is going to be very on-point when it comes to the contents of its exams.

Sadly though the videos are as dry as sand. (Just to clarify, I’m talking about dry sand.)

The video course could honestly have been half the length and just as good. Better, in fact. The whole thing was recorded on what sounds like a £3 eBay microphone. They could at least give us a 1.25x speed option. But I absolutely insist that you watch all the videos, because they do cover some good stuff for sure.

After you’ve watched the videos, there’s a practice exam. And if you pass it, you’ll get a voucher to take the exam for free! That’s a sweet $200 saving! Incredibly generous.

It took me about 3 days to get my code, which you just use at the time of booking the exam. But you can only take the practice exam after watching the videos. So give them a watch, then try the exam. The practice exam is pitched at a very similar level to the actual exam, so if you do well in the practice, you can have a good feeling about passing the real thing!

THAT’S IT!

Thank you so much for reading this post! Hey, have you taken the JNCIA-Cloud? Are you studying for it? Got any links or info I’ve missed? Either way, comment below! I’d love to hear from you.

And as always, I’d love it if you followed me on Twitter, so that you can see any new posts I make, and also so you can read my fresh nonsense.

Thanks a lot, Chris for such a brilliant guidance for JNCIA-cloud preparation. I am planning to give this exam, I would definitely follow all your above tips and suggestions .can you please tell me is there any book will cover all fundamentals which require to clear JNCIA -cloud certifucation in first attempt.

Sadly there isn’t one single book that covers everything. You often find with Juniper that there isn’t one single book for the entire exam. When you come from the CCNA world then this cam initially seem frustrating, but actually I’ve come to quite like it – it means that you have to read around the subject to pass the exam, reading blog posts, Juniper KB articles, Day One books, and vendor-neutral books. It requires more work, but you become a better engineer for it.

Also, anyone who claims to be able to help you pass an exam “in the first attempt” is either lying, or selling you brain dumps. Either way it’s bad. This exam is very achievable if you study though. Read the links in my post, Google around the topics, read the Juniper website, and I’m sure you’ll be good for it. 🙂

Your email address will not be published. Required fields are marked *

Comment

Name *

Email *

Website

Hi!

I’m Chris, a network engineer from London. This is a blog of random knowledge I’ve acquired while studying for some sweet sexy network engineering certifications. Technically vendor neutral, but as you’ll soon find out, I love Junos very much.

As I learn cool new stuff, I try to write it up with plenty of jokes, and a generous dollop of silliness, so that you’ll have as much fun learning about networking as I do.